Black Hat USA 2009 Weekday Training Session

July 27-28

Mac Hacking Class

Vincenzo Iozzo

Overview

Mac OS X is starting to spread among users. More and more often security researchers and consultants need to deal with the security of this OS. Even if the system is based on UNIX there are a lot of unexplored areas which are needed to be understood for vulnerability research, reverse engineering and security assessment. The aim of this class is to provide the student with all the skills needed in order to fully perform research on this OS. Specifically how to write payloads, what are the tools needed to perform research and all the hidden oddities of OS X which other UNIX-based systems don’t have. At the end of the course the attendee will be able to reverse engineer any common OSX applications, writing exploits and perform system-wide assessment.

Prerequisites

Knowledge of C, Gdb and IDA Pro

Suggested: knowledge of the basics of Vulnerability Research and an understanding of X86 assembly.

Trainer:

Vincenzo Iozzo is a student at the Politecnico di Milano where he does some research regarding malware and IDS. He is involved in a number of open source projects, including FreeBSD due to Google Summer of Code. He also works as a security consultant for Secure Network, an Italian company, and as a reverse engineer for Zynamics. Additionally he spoke in a number of security conferences including Black Hat, EuSecWest and DeepSec.